Skip to main content
aboutsummaryrefslogtreecommitdiffstats
path: root/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java
diff options
context:
space:
mode:
Diffstat (limited to 'bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java')
-rw-r--r--bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java45
1 files changed, 23 insertions, 22 deletions
diff --git a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java
index a9f1a37a3..780605012 100644
--- a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java
+++ b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java
@@ -184,16 +184,17 @@ public class SignedBundleHook implements ActivatorHookFactory, BundleFileWrapper
public void addHooks(HookRegistry hookRegistry) {
container = hookRegistry.getContainer();
hookRegistry.addActivatorHookFactory(this);
- String[] support = ManifestElement.getArrayFromList(hookRegistry.getConfiguration().getConfiguration(SIGNED_CONTENT_SUPPORT, hookRegistry.getConfiguration().getConfiguration(SIGNED_BUNDLE_SUPPORT)), ","); //$NON-NLS-1$
- for (int i = 0; i < support.length; i++) {
- if (SUPPORT_CERTIFICATE.equals(support[i]))
+ String[] supportOptions = ManifestElement.getArrayFromList(hookRegistry.getConfiguration().getConfiguration(SIGNED_CONTENT_SUPPORT, hookRegistry.getConfiguration().getConfiguration(SIGNED_BUNDLE_SUPPORT)), ","); //$NON-NLS-1$
+ for (String supportOption : supportOptions) {
+ if (SUPPORT_CERTIFICATE.equals(supportOption)) {
supportSignedBundles |= VERIFY_CERTIFICATE;
- else if (SUPPORT_TRUST.equals(support[i]))
+ } else if (SUPPORT_TRUST.equals(supportOption)) {
supportSignedBundles |= VERIFY_CERTIFICATE | VERIFY_TRUST;
- else if (SUPPORT_RUNTIME.equals(support[i]))
+ } else if (SUPPORT_RUNTIME.equals(supportOption)) {
supportSignedBundles |= VERIFY_CERTIFICATE | VERIFY_RUNTIME;
- else if (SUPPORT_TRUE.equals(support[i]) || SUPPORT_ALL.equals(support[i]))
+ } else if (SUPPORT_TRUE.equals(supportOption) || SUPPORT_ALL.equals(supportOption)) {
supportSignedBundles |= VERIFY_ALL;
+ }
}
trustEngineNameProp = hookRegistry.getConfiguration().getConfiguration(SignedContentConstants.TRUST_ENGINE);
@@ -333,17 +334,17 @@ public class SignedBundleHook implements ActivatorHookFactory, BundleFileWrapper
void determineTrust(SignedContentImpl trustedContent, int supportFlags) {
TrustEngine[] engines = null;
SignerInfo[] signers = trustedContent.getSignerInfos();
- for (int i = 0; i < signers.length; i++) {
+ for (SignerInfo signer : signers) {
// first check if we need to find an anchor
- if (signers[i].getTrustAnchor() == null) {
+ if (signer.getTrustAnchor() == null) {
// no anchor set ask the trust engines
if (engines == null)
engines = getTrustEngines();
// check trust of singer certs
- Certificate[] signerCerts = signers[i].getCertificateChain();
- ((SignerInfoImpl) signers[i]).setTrustAnchor(findTrustAnchor(signerCerts, engines, supportFlags));
+ Certificate[] signerCerts = signer.getCertificateChain();
+ ((SignerInfoImpl) signer).setTrustAnchor(findTrustAnchor(signerCerts, engines, supportFlags));
// if signer has a tsa check trust of tsa certs
- SignerInfo tsaSignerInfo = trustedContent.getTSASignerInfo(signers[i]);
+ SignerInfo tsaSignerInfo = trustedContent.getTSASignerInfo(signer);
if (tsaSignerInfo != null) {
Certificate[] tsaCerts = tsaSignerInfo.getCertificateChain();
((SignerInfoImpl) tsaSignerInfo).setTrustAnchor(findTrustAnchor(tsaCerts, engines, supportFlags));
@@ -356,17 +357,17 @@ public class SignedBundleHook implements ActivatorHookFactory, BundleFileWrapper
if ((supportFlags & SignedBundleHook.VERIFY_TRUST) == 0)
// we are not searching the engines; in this case we just assume the root cert is trusted
return certs != null && certs.length > 0 ? certs[certs.length - 1] : null;
- for (int i = 0; i < engines.length; i++) {
- try {
- Certificate anchor = engines[i].findTrustAnchor(certs);
- if (anchor != null)
- // found an anchor
- return anchor;
- } catch (IOException e) {
- // log the exception and continue
- log("TrustEngine failure: " + engines[i].getName(), FrameworkLogEntry.WARNING, e); //$NON-NLS-1$
+ for (TrustEngine engine : engines) {
+ try {
+ Certificate anchor = engine.findTrustAnchor(certs);
+ if (anchor != null)
+ // found an anchor
+ return anchor;
+ } catch (IOException e) {
+ // log the exception and continue
+ log("TrustEngine failure: " + engine.getName(), FrameworkLogEntry.WARNING, e); //$NON-NLS-1$
+ }
}
- }
- return null;
+ return null;
}
}

Back to the top